Automate dns-01 challenge completion using Leaseweb Domains API.
Project description
certbot-dns-leaseweb
A certbot plugin that automates the process of completing a dns-01 challenge using Leaseweb's Domain API.
Install
certbot-dns-leaseweb should be installed via pip, in the same python
environment in which certbot is installed:
pip install certbot-dns-leaseweb
Usage
Use the following flags to certbot to use and control this plugin:
| Option | Description |
|---|---|
--authenticator dns-leaseweb |
required, enable and use this plugin. |
--dns-leaseweb-credentials |
required, Leaseweb API credentials INI file. |
--dns-leaseweb-propagation-seconds |
optional, seconds to wait for DNS records to propagate. |
Credentials
A suitable API token can be generated from https://secure.leaseweb.com/api-client-management/.
The token should then be stored in an INI file:
dns_leaseweb_api_token = notarealtoken
CAUTION: These API credentials should be carefully protected from exposure and unauthorised access.
They could be used to complete DNS challenges, allowing potentially unauthorised parties to obtain or revoke certificates for your domains.
Examples
Obtain a wildcard certificate for example.com:
certbot certonly \
--authenticator dns-leaseweb \
--dns-leaseweb-credentials leaseweb.ini \
-d '*.example.com'
Obtain a wildcard certificate for example.com, with extra time for propagation:
certbot certonly \
--authenticator dns-leaseweb \
--dns-leaseweb-credentials leaseweb.ini \
--dns-leaseweb-propagation-seconds 600 \
-d '*.example.com'
Docker
If you prefer to run certbot with the dns-leaseweb plugin in docker, you can
build a suitable image with make image.
The image comes with a partially-completed CLI as its entrypoint:
/usr/local/bin/certbot \
--authenticator=dns-leaseweb \
--dns-leaseweb-credentials=/etc/letsencrypt/credentials/leaseweb.ini
You will need to create a suitable credentials file for the plugin at
/etc/letsencrypt/credentials/leaseweb.ini for the instructions below to work.
You can then use it as:
docker run --rm -ti \
--volume "/etc/letsencrypt:/etc/letsencrypt" \
--volume "/var/lib/letsencrypt:/var/lib/letsencrypt" \
certbot-dns-leaseweb:latest \
certonly \
--dns-leaseweb-propagation-seconds 600 \
-d '*.example.com'
Issues and development
Please report any issues (or improvement suggestions) at https://gitlab.com/iwaseatenbyagrue/certbot-dns-leaseweb/-/issues.
If you want to hack on this project, please make sure you run tests and linting on your code:
make test
Thanks
To Letsencrypt, and the EFF for certbot.
This plugin is adapted from https://github.com/ctrlaltcoop/certbot-dns-hetzner, whose README was also the template for this file.
https://github.com/m42e/certbot-dns-ispconfig was also consulted during development of this plugin.
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for certbot-dns-leaseweb-1.0.1.tar.gz
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | bd093a3406565bed9e7e1933ef9913651fad8c7eaaf88708261ea33bd3ce5071 |
|
| MD5 | 6d4553bef75683d86d18cc5dc1bb3899 |
|
| BLAKE2b-256 | b108adfc6c5a9d335097f9971ffaf436d5af81c36bec5ae0b3f1d9660a8552f5 |
Hashes for certbot_dns_leaseweb-1.0.1-py3-none-any.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | edfc5cf025cb72dcac35c75c4c9fcde28aaf1665e64fcfa3b6f21dfef6fa03f4 |
|
| MD5 | 33bdc4cba046d36819c181f98cea8a39 |
|
| BLAKE2b-256 | 5d287fd9ff7c566957c49e39339eea3f5c86a9edf84d858cb5f1513031524f09 |
